"Update it looks like reports are now coming in that 1 out of 16 computers are infected world wide and it could even be up to 1 out of 3 machines are infected"
A New Worm is on the prowl and it was discovered earlier this month. The worm goes by the name Conficker/Downadup. The worm exploits a Microsoft Windows OS service vulnerability MS08-067 (There was a patch for this released three months ago by Microsoft). This is a Critical security update "for all supported editions of Microsoft Windows 2000, Windows XP, Windows Server 2003, and rated Important for all supported editions of Windows Vista and Windows Server 2008."
"It spreads through USB memory devices like USB drives or MP3 players. The Windows option menu that appears after inserting the USB device will disguise the option to run the program as the option to open the folder. Open the file and release the worm.""
"As is the case with a lot of malware, Conficker appears to launching brute force attacks to extract passwords from computer and corporate internal networks, Panda said. The easier the password, the easier it is for Conficker to decipher it. Once the passwords are detected, cyber criminals can access computers and use them maliciously. "
Conficker/Downadup Worm Dubbed 'Epidemic' (PCmag.com)
Confick or Downadup Worm Can Be Squashed: By Common Sense (windowsitpro.com)
Microsoft's advice on Downadup leaves users open to attack, says US-CERT(computerworld.com)
No comments:
Post a Comment